By msmash from Slashdot's closer-look department:Just 1 percent of all Reddit communities set off 74 percent of all conflicts on the site, a new research has found. The Outline: In the self-published research from Srijan Kumar, Jure Leskoec, William Hamilton, and Dan Jurafsky of Stanford University, "intercommunity conflict" is defined as "negative sentiment to comment in another community." These users wouldn't necessarily qualify as trolls or sockpuppets; they're instigators, posting links to other subreddits and encouraging other users to target, harass, and fight with users on that subreddit.

By BeauHD from Slashdot's only-a-matter-of-time department:An anonymous reader quotes a report from Motherboard: Grayshift, a company that offers to unlock modern iPhones for as little as $50 each, has caused a buzz across law enforcement agencies, with local police already putting down cash for the much sought-after tech. Now, it appears a section of the U.S. State Department has also purchased the iPhone cracking tool, judging by procurement records reviewed by Motherboard. Grayshift's iPhone product, dubbed GrayKey, can unlock devices running versions of Apple's latest mobile operating system iOS 11, according to marketing material obtained by Forbes. An online version of GrayKey which allows 300 unlocks costs $15,000 (which boils down to $50 per device), and an offline capability with unlimited uses is $30,000. According to a recent post from cybersecurity firm Malwarebytes, which obtained leaked details on GrayKey, the product itself is a small, four inch by four inch box, and two iPhones can be connected at once via lightning cables. Malwarebytes adds that the time it takes to unlock a device varies depending on the strength of the user's passcode: it may be hours or days. Notably, Grayshift includes an ex-Apple engineer on its staff, Forbes reported.

By BeauHD from Slashdot's coming-soon-to-a-theater-near-you department:hackingbear writes from a report: Amazon is reportedly likely to earmark $1 billion for a television series (Warning: source paywalled, alternative source) based on the ultra-popular Chinese science fiction trilogy The Three Body Problem. The American video subscription service will likely acquire the rights to the Yugo-winning, extremely popular trilogy of novels written by Liu Cixin and produce three seasons of episodes. The rights to the trilogy are currently owned by Lin Qi, the chairman of Youzu Interactive, a Chinese developer and publisher that typically focuses on online and mobile games.

By BeauHD from Slashdot's mission-accomplished department:An anonymous reader quotes a report from Los Angeles Times: "Mad" Mike Hughes, the rocket man who believes the Earth is flat, propelled himself about 1,875 feet into the air Saturday before a hard landing in the Mojave Desert. He told the Associated Press that outside of an aching back he's fine after the launch near Amboy, Calif. The launch in the sparsely populated desert town about 150 miles east of Los Angeles -- was originally scheduled in November. It was scrubbed several times due to logistical issues with the Bureau of Land Management and mechanical problems that kept popping up. The 61-year-old limo driver converted a mobile home into a ramp and modified it to launch from a vertical angle so he wouldn't fall back to the ground on public land. For months he's been working on overhauling his rocket in his garage. It looked like Saturday might be another in a string of cancellations, given that the wind was blowing and his rocket was losing steam. Ideally, they wanted it at 350 psi for maximum thrust, but it was dropping to 340. Sometime after 3 p.m. PDT, and without a countdown, Hughes' rocket soared into the sky. Hughes reached a speed that Stakes estimated to be around 350 mph before pulling his parachute. Hughes was dropping too fast, though, and he had to deploy a second one. He landed with a thud and the rocket's nose broke in two places like it was designed to do.

By BeauHD from Slashdot's behind-the-scenes department:New submitter future guy shares a report from New Atlas: A fascinating study led by scientists at the University of Zurich has uncovered key insights into the mechanisms behind how our brain generates our sense of self. The researchers administered lysergic acid diethylamide (LSD) to several participants in order to home in on where in the brain our sense of self is activated and what happens when a powerful psychedelic drug interferes with that process. The study administered 24 subjects either LSD, LSD in combination with ketanserin, or a placebo. Ketanserin is a compound that is known to inhibit many of the effects of LSD by blocking the serotonin 2A receptor (5-HT2A receptor). Each subject lay in an MRI scanner while undergoing a series of social interaction simulations with a virtual avatar. As well as the brain imaging, the subjects' eye movements were monitored to track when they were or were not following the gaze of the virtual avatar. The study demonstrated LSD-altered brain activity in several regions previously identified as fundamental for developing coherent self-representation during social interaction, including the posterior cingulate cortex, medial prefrontal cortex and the angular gyrus. Most importantly though was the observation that ketanserin normalized the effects of LSD to the point where the group influenced by ketanserin and LSD displayed similar results to those under the effect of the placebo. These results strongly suggest that the 5-HT2A receptor plays a fundamental role in the development of self-awareness, and differentiation between the self and others. The value of this research is two-fold. As well as simply increasing our knowledge of how the brain functions under the influence of psychedelic drugs, it is suggested that different psychiatric conditions could be treated by manipulating the 5-HT2A receptor pathways. The study has been published in the journal JNeurosci.

By BeauHD from Slashdot's non-commercial department:dryriver writes: Before I ask my question, there already is free and open-source software (FOSS) for wind turbine design and simulation called QBlade. It lets you calculate turbine blade performance using nothing more than a computer and appears compatible with Xfoil as well. But consider this: the ultimate, most efficient and most real-world usable and widely deployable wind turbine rotor may not have traditional "blades" or "foils" at all, but may be a non-propeller-like, complex and possibly rather strange looking three-dimensional rotor of the sort that only a 3D printer could prototype easily. It may be on a vertical or horizontal axis. It may have air flowing through canals in its non-traditional structure, rather than just around it. Nobody really knows what this "ultimate wind turbine rotor" may look like. The easiest way to find such a rotor might be through machine-learning. You get an algorithm to create complex non-traditional 3D rotor shapes, simulate their behavior in wind, and then mutate the design, simulate again, and get a machine learning algorithm to learn what sort of mutations lead to a better performing 3D rotor. In theory, enough iterations -- perhaps millions or more -- should eventually lead to the "ultimate rotor" or something closer to it than what is used in wind turbines today. Is this something FOSS developers could tackle, or is this task too complex for non-commercial software? The real world impact of such a FOSS project could be that far better wind turbines can be designed, manufactured and deployed than currently exist, and the fight against climate change becomes more effective; the better your wind turbines perform, and the more usable they are, the more of a fighting chance humanity has to do something against climate change. Could FOSS achieve this?

By BeauHD from Slashdot's russia-linked department:On Friday, Tumblr said it has taken down 84 accounts used by Russia to spread disinformation ahead of the 2016 presidential election. The accounts were reportedly linked to the Russian troll farm known as the Internet Research Agency. The Hill reports: Special counsel Robert Mueller last month indicted 13 Russians and three Russian entities associated with the Internet Research Agency who are accused of orchestrating an elaborate plot to spread divisive messages to U.S. audiences on social media ahead of the election. The individuals face multiple charges, including identity theft and bank fraud. Tumblr said in a statement Friday that it provided information on the 84 Russia-linked accounts from its investigation to the Justice Department. Tumblr said the Russia-linked accounts were solely focused on spreading disinformation by posting "organic content." The company found no indication that the accounts purchased any advertisements. The platform says it will notify any users who interacted with the accounts and provide them with a list of usernames they engaged with. Tumblr also disclosed that it will keep a public record of usernames linked to the Internet Research Agency or other state-sponsored disinformation efforts for the sake of transparency.

By BeauHD from Slashdot's off-the-grid department:schwit1 shares a report from CNET, written by Claire Reilly: In 2015, during the transition from paper to Opal [contactless public transit cards], Australia passed sweeping new data retention laws. These laws required all Australian internet service providers and telecommunications carriers to retain customers' phone and internet metadata for two years -- details like the phone number a person calls, the timestamps on text messages or the cell tower a phone pings when it makes a call. Suddenly, Australians were fighting for the right to stay anonymous in a digital world. On one side of the fence: safety-conscious civilians. They argued that this metadata was a powerful tool and that the ability to track a person's movements through phone pings or call times was vital for law enforcement. On the other side of the fence: digital civil libertarians. They argued that the data retention scheme was invasive and that this metadata could be used to build up an incredibly detailed picture of someone's life. And sitting in a barn two paddocks away from that fence: me, switching out burner phones and researching VPNs. When it emerged that police had the power to search Opal card data, track people's movements and match this to individual users, it was the last straw. August 2016 rolled around, paperless tickets were phased out and I hatched my plan. The Black Opal. The concept of the Black Opal is simple. Buy your transport card. Pay cash. Top up with cash (preferably in a new location each time). Never register it. Never link it to your credit or debit card. Live off the grid. Stay away from The Man.

By BeauHD from Slashdot's blast-from-the-past department:An anonymous reader quotes a report from Quartz: Zuckerberg should have heeded what he heard from the late Steve Jobs eight years ago. Then, when the social network had a measly half-billion users, Jobs spoke at The Wall Street Journal's AllThingsD conference, where Zuckerberg was in the audience, waiting to be interviewed himself, and described what privacy meant. Journalist Walt Mossberg asked Jobs his thoughts on recent privacy issues around Facebook (which at the time was revamping its privacy controls after criticism it was forcing people to share data) and Google (which was literally recording private wifi information), and whether Silicon Valley looks at privacy differently than the rest of the world.

By BeauHD from Slashdot's price-is-right department:"Android phone makers are 'rushing' to implement fingerprint sensors under the display for upcoming handsets," reports 9to5Mac, citing a new report from Digitimes. "Android manufacturers have decided that recreating the 3D facial recognition used by iPhone X is simply too costly to include, and are instead focusing on implementing Qualcomm's ultrasonic fingerprint scanners." From the report: The report says that including an Infrared depth-sensing facial recognition system like the iPhone X is simply too expensive for Android smartphones to offer, which cannot command the same price premiums as Apple's iPhones. This is a combination of hardware and software development costs. Digitimes claims the cost of the TrueDepth 3D sensors in iPhone X peaked at $60 per unit, an incredibly high proportion of the overall phone cost if accurate. Android makers are also worried about possible patent infringement from adopting Infrared dot projector systems. Instead, they have turned to in-display fingerprint sensors as their next-generation of device authentication. This depends on using Qualcomm technology for ultrasonic-based fingerprint scanners, which can sit below the cover glass and work even if fingers are wet or greasy.

By BeauHD from Slashdot's new-and-improved department:fstack writes: Pi Day was marked this year by the launch of the Raspberry Pi 3 Model B+ as the next evolution to this $35 ARM single-board computer. Phoronix has now put out Raspberry Pi 3 B+ benchmarks showing that the Ethernet performance is indeed much faster now but still doesn't stack up to other high performance boards, the SoC temperature is noticeably lower than the very warm Raspberry Pi 3, and the overall performance is a nice upgrade while retaining the same price point as its predecessors. Follow up tests looking at the Wi-Fi performance also show the new 802.11ac dual-band wireless to be much faster as well.

By BeauHD from Slashdot's magic-tricks department:An anonymous reader quotes a report from Motherboard: Porn performer Avey Moon was trying to send the lucky winner of her Chaturbate contest his prize -- one of her videos, titled "POV Blowjob" -- through her Google Drive account. But it wouldn't send, and Google wasn't telling her why. "I thought there was something wrong with my file and I got rather worried," Moon told me in a Twitter message. "I had promised this guy his content and he was so good to me. I was panicked because I thought if I couldn't give him his prize, he would feel like he got ripped off and never come back again or worse, he could actually file a complaint with Chaturbate about me and they can take money from me." She's not alone. Six porn performers I talked to and more on social media said that they suddenly can't download adult content they keep on Google Drive. They also said they can't a share that content with other accounts or send to clients. In some cases, the adult content is disappearing from Drive without warning or explanation. The porn performers I talked to started sounding the alarm on Twitter last week. They said that Google Drive no longer seemed sex-trade friendly, detailing error messages and sharing cloud storage alternatives with each other.

By BeauHD from Slashdot's here-we-go-again department:"FBI and Justice Department officials have been quietly meeting with security researchers who have been working on approaches to provide such 'extraordinary access' to encrypted devices," reports The New York Times (alternative source), citing people familiar with the matter. Justice Department officials believe that these "mechanisms allowing access to the data" exist without weakening the devices' security against hacking. Slashdot reader schwit1 shares the report: Against that backdrop, law enforcement officials have revived talks inside the executive branch over whether to ask Congress to enact legislation mandating the access mechanisms. The Trump White House circulated a memo last month among security and economic agencies outlining ways to think about solving the problem, officials said. The FBI has been agitating for versions of such a mandate since 2010, complaining that the spreading use of encryption is eroding investigators' ability to carry out wiretap orders and search warrants -- a problem it calls "going dark." The issue repeatedly flared without resolution under the Obama administration, peaking in 2016, when the government tried to force Apple to help it break into the iPhone of one of the attackers in the terrorist assault in San Bernardino, Calif. The debate receded when the Trump administration took office, but in recent months top officials like Rod J. Rosenstein, the deputy attorney general, and Christopher A. Wray, the FBI director, have begun talking publicly about the "going dark" problem. The National Security Council and the Justice Department declined to comment about the internal deliberations. The people familiar with the talks spoke on the condition of anonymity, cautioning that they were at a preliminary stage and that no request for legislation was imminent. But the renewed push is certain to be met with resistance.

By BeauHD from Slashdot's tragic-accidents department:theodp writes: Nearly a week after an autonomous Uber SUV claimed the first life in testing of self-driving vehicles, The Washington Post reports that Waymo CEO John Krafcik says he is confident its cars would have performed differently under the circumstances (Warning: source may be paywalled; alternative source), since they are intensively programmed to avoid such calamities. "I can say with some confidence that in situations like that one with pedestrians -- in this case a pedestrian with a bicycle -- we have a lot of confidence that our technology would be robust and would be able to handle situations like that," Krafcik said Saturday when asked if a Waymo car would have reacted differently than the self-driving Uber. In explaining its since-settled lawsuit against Uber last year, Google charged that Uber was "using key parts of Waymo's self-driving technology," and added it was "seeking an injunction to stop the misappropriation of our designs." In announcing the settlement of the lawsuit last month, Uber CEO Dara Khosrowshahi noted, "we are taking steps with Waymo to ensure our LIDAR and software represents just our good work." A Google spokesperson added, "We have reached an agreement with Uber that we believe will protect Waymo's intellectual property now and into the future. We are committed to working with Uber to make sure that each company develops its own technology. This includes an agreement to ensure that any Waymo confidential information is not being incorporated in Uber Advanced Technologies Group hardware and software." All of which might prompt some to ask: was Elaine Herzberg collateral damage in Google and Uber's IP war? "I want to be really respectful of Elaine [Herzberg], the woman who lost her life and her family," Krafcik continued. "I also want to recognize the fact that there are many different investigations going on now regarding what happened in Tempe on Sunday." His assessment, he said, was "based on our knowledge of what we've seen so far with the accident and our own knowledge of the robustness that we've designed into our systems."

By BeauHD from Slashdot's book-of-secrets department:An anonymous reader quotes a report from Ars Technica: This past week, a New Zealand man was looking through the data Facebook had collected from him in an archive he had pulled down from the social networking site. While scanning the information Facebook had stored about his contacts, Dylan McKay discovered something distressing: Facebook also had about two years worth of phone call metadata from his Android phone, including names, phone numbers, and the length of each call made or received. This experience has been shared by a number of other Facebook users who spoke with Ars, as well as independently by us -- my own Facebook data archive, I found, contained call-log data for a certain Android device I used in 2015 and 2016, along with SMS and MMS message metadata. In response to an email inquiry about this data gathering by Ars, a Facebook spokesperson replied, "The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with. So, the first time you sign in on your phone to a messaging or social app, it's a widely used practice to begin by uploading your phone contacts." The spokesperson pointed out that contact uploading is optional and installation of the application explicitly requests permission to access contacts. And users can delete contact data from their profiles using a tool accessible via Web browser.

By EditorDavid from Slashdot's this-scepter'd-isle department:The U.K.'s High Court will not send Lauri Love to face trial in the U.S. for hacking government computer systems. Instead they've issued a final refusal to overturn Love's successful appeal of his extradition, Ars Technica reports, "effectively ending the extradition effort permanently."Love was originally arrested in the UK in October of 2013 after using an automated scanner to locate servers within a large range of IP addresses for SQL injection and ColdFusion vulnerabilities and then breaching vulnerable systems and installing Web shells to give him remote administrative-level access. He allegedly managed to compromise servers belonging to the U.S. Missile Defense Agency, the U.S. Army, the Federal Reserve, NASA, and the Environmental Protection Agency. Love's attorneys fought the extradition on the grounds that Love -- who has been diagnosed with Asperger's Syndrome, severe depression, and antibiotic-resistant eczema -- would not get appropriate medical attention in a U.S. prison and would be at risk of suicide if he faced the potential 99-year prison term associated with the charges... The U.S. had already essentially dropped efforts to extradite Love, but the ruling by the High Court now sets legal precedent that may bar future extraditions of British citizens on hacking charges. In a statement e-mailed to Ars, Naomi Colvin -- acting director of the Courage Foundation, an organization that has assisted Love in his extradition appeal -- said that as a result of the ruling, "there is now very little prospect of any British hacker ever finding themselves in the same position as Lauri Love or Gary McKinnon. Fifteen years of terrible public policy in which British hackers were left open to the vindictive instincts of US prosecutors have now been brought to an end." Lauri Love told the site that with this ruling, "The era of the U.S. Department of Justice as world police is over."

By EditorDavid from Slashdot's artificially-intelligent department:"Robot brains will challenge the fundamental assumptions of how we humans do things," argues Popular Mechanics, noting that age-old truism "that computers will always do literally, exactly what you tell them to."

A paper recently published to ArXiv highlights just a handful of incredible and slightly terrifying ways that algorithms think... An AI project which pit programs against each other in games of five-in-a-row Tic-Tac-Toe on an infinitely expansive board surfaced the extremely successful method of requesting moves involving extremely long memory addresses which would crash the opponent's computer and award a win by default... These amusing stories also reflect the potential for evolutionary algorithms or neural networks to stumble upon solutions to problems that are outside-the-box in dangerous ways. They're a funnier version of the classic AI nightmare where computers tasked with creating peace on Earth decide the most efficient solution is to exterminate the human race. The solution, the paper suggests, is not fear but careful experimentation.

The paper (available as a free download) contains 27 anecdotes, which its authors describe as a "crowd-sourced product of researchers in the fields of artificial life and evolutionary computation. Popular Science adds that "the most amusing examples are clearly ones where algorithms abused bugs in their simulations -- essentially glitches in the Matrix that gave them superpowers."

By EditorDavid from Slashdot's moving-back-to-MySpace department:Long-time Slashdot reader Lauren Weinstein argues that fixing Facebook may be impossible because "Facebook's entire ecosystem is predicated on encouraging the manipulation of its users by third parties who posses the skills and financial resources to leverage Facebook's model. These are not aberrations at Facebook -- they are exactly how Facebook was designed to operate." Meanwhile one fund manager is already predicting that sooner or later every social media platform "is going to become MySpace," adding that "Nobody young uses Facebook," and that the backlash over Cambridge Analytica "quickens the demise."

But Slashdot reader silvergeek asks, "is there a safe, secure, and ethical alternative?" to which tepples suggests "the so-called IndieWeb stack using the h-entry microformat." He also suggests Diaspora, with an anonymous Diaspora user adding that "My family uses a server I put up to trade photos and posts... Ultimately more people need to start hosting family servers to help us get off the cloud craze... NethServer is a pretty decent CentOS based option."

Meanwhile Slashdot user Locke2005 shared a Washington Post profile of Mastodon, "a Twitter-like social network that has had a massive spike in sign-ups this week."Mastodon's code is open-source, meaning anybody can inspect its design. It's distributed, meaning that it doesn't run in some data center controlled by corporate executives but instead is run by its own users who set up independent servers. And its development costs are paid for by online donations, rather than through the marketing of users' personal information... Rooted in the idea that it doesn't benefit consumers to depend on centralized commercial platforms sucking up users' personal information, these entrepreneurs believe they can restore a bit of the magic from the Internet's earlier days -- back when everything was open and interoperable, not siloed and commercialized. < article continued at Slashdot's moving-back-to-MySpace department >

Security researcher Giovanni Collazo was able to harvest 8781 passwords, 650 AWS access keys, 23 secret keys, and 8 private keys. First, he ran a query on the hacker search engine Shodan that returned around 2300 servers running etcd database. Then, he ran a simple script that gave him the login credentials stored on these servers which can be used to gain access to CMSs, MySQL, and PostgreSQL databases, etc. etcd is a database used by computing clusters to store and exchange passwords and configuration settings between servers and applications over the network. With the default settings, its programming interface can return administrative login credentials without any authentication upfront... All of the data he harvested from around 1500 servers is around 750MB in size... Collazo advises that anyone maintaining etcd servers should enable authentication, set up a firewall, and take other security measures. Another security research independently verified the results, and reported that one MySQL database had the root password "1234".

By EditorDavid from Slashdot's dark-matters department:An anonymous reader quotes the AFP:Earth Hour, which started in Australia in 2007, is being observed by millions of supporters in 187 countries, who are turning off their lights at 8.30pm local time in what organisers describe as the world's "largest grassroots movement for climate change"... In Paris, the Eiffel Tower plunged into darkness as President Emmanuel Macron urged people to join in and "show you are willing to join the fight for nature". "The time for denial is long past. We are losing not only our battle against climate change, but also our battle against the collapse of biodiversity," he said on Twitter. Moscow's Red Square also fell dark and the Russian section of the International Space Station dipped its lights, the Ria Novisti news agency said... UN Secretary-General Antonio Guterres said the event "comes at a time of huge pressure on people and planet alike. Resources and ecosystems across the world are under assault. Earth hour is an opportunity to show our resolve to change." Other landmarks "going dark" include the Empire State Building in New York and the Sydney Opera House, as well as the harbour skylines of Hong Kong and Singapore.